DOCKET NO.: MSFT-2555/304784.01 
Application No.: 10/656,384 
Office Action Dated: April 1 8, 2007 



PATENT 

REPLY FILED UNDER EXPEDITED 
PROCEDURE PURSUANT TO 

37 CFR§ 1.116 



REMARKS 



Status of the Claims 



• Claims 1-26 are pending in the Application after entry of this amendment. 

• Claims 1-33 are rejected by Examiner. 

• Claims 1,10, and 18 are amended by Applicant. 



Claim Rejections Pursuant to 35 U.S.C. §101 

Claims 18-26 stand rejected under 35 U.S.C §101 because they are directed to non- 
statutory subject matter. Specifically, independent Claim 18, as drafted, is considered 
descriptive material without functionality. Applicant amends Claim 1 8 to more clearly claim 
the functionality represented by the instructions stored on the computer-readable medium. 
Applicant finds support for the amendment in Figure 4 and the related text of the as-filed 
specification. Applicant respectfully requests reconsideration and withdrawal of the 35 
U.S.C. §101 rejection based on the present amendment to independent Claim 18. 

Claim Rejections Pursuant to 35 U.S.C. §103 

Claims 1-4, 9-12, 17-21 and 26 stand rejected under 35 U.S.C. § 103(a) as 
unpatentable over U.S. Patent No. 6,317,868 to Grimm et al. (Grimm) in view of U.S. 
Patent No. 5,974,549 to Golan. Applicant respectfully traverses the rejection. 

Grimm teaches: 

"The present invention is directed to processing a software component 11, which is 
shown in FIG. 1, so that it can be modified as appropriate to implement a security 
policy as defined for the site where the software component is executed. [...] 
Accordingly, the present invention enables such a component to be modified when it 
is directed to a computer to be executed at the site, so that when executed, the 
modified software component is forced to adhere to the security policy at the site. 
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When software component 1 1 as originally created needs to be loaded for execution 
by a computer, the present invention provides an introspection service 1 3 that 
intercepts the software component for analysis. Based upon information determined 
by introspection service 13, a security policy service 15 instructs an interposition 
service 17, which is also included in the present invention, how to modify the original 
software component to adhere to the security policies of the site. The interposition 
service thus modifies the original software component by adding code to it producing 
a modified software component 21. 

The modified software component is thus available for execution by the computer 
requesting execution of the original software component. During execution by this 
computer, the modified software component invokes an enforcement service 19, which 
maintains the computer's security state. The enforcement service responds to the 
system's security state, queries the security policy service for security decisions 
related to that state, and enforces them on the computer that is executing the modified 
software component." (Grimm, col. 4 lines 9-44). 

Thus, Applicant notes that Grimm teaches that an original software component 1 1 is 
modified by an introspection service 13 by adding code. In Grimm, it is the modified 
software component, not the original software component, that is executed by the computer. 

Amended Claim 1 recites (in relevant part): 
1 . An object model document comprising: 



a compiled executable file for persisting an object model, the 



file having: 



an image source 



• • • a 



a security source . . . ; and 



a loader 
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Applicant notes that Grimm fails to teach a compiled executable file for persisting an 
object model having the three components of an image file source, a security source, and a 
loader. 

Grimm teaches that the original software component is modified by injecting into the 
original software component calls to an enforcement service associated with security 
identifiers. Grimm teaches: 

"A block 1 8 notes that the security policy service then imposes security operations on 
the original component that modify the operations originally coded into it. The code 
that is injected into the original software component in blocks 16 and 18 comprises 
calls to enforcement service 19, which instruct the enforcement service on how to 
manage the component system's security state and how to enforce security on the 
software component when it is executed as modified. In particular, the security 
operations that are injected into the software component to modify it instruct the 
enforcement service on how to associate component system objects with security 
identifiers" (Grimm, col. 5 lines 28-42) 

Grimm also teaches: 

"After a modified software component has been loaded (i.e., linked and activated) by 
a component system, it executes on the component system in the same manner it 
would have prior to modification by the present invention-with one important 
exception. The security operations that have been injected into the software 
component to create the modified version by the interposition service are now 
executed along with the code comprising the original software component." (Grimm, 
col. 6 lines 6-14). 

Thus, Grimm teaches that the software component is leaded by a component system. 
Grim fails to teach that a loader, included with the image source file and the security source is 
provided. Grimm also teaches that calls to the enforcement server 19 (Grimm, Figure 1) are 
inserted directly into the original software component to generate the modified software 
component as in block 18 (Grimm, Figure 2). This specific modification is important to 
Grimm so that the security operations are executed along with the original software 
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component. Amended Claim 1 has no such function. Applicant respectfully submits that 
Grimm and Claim 1 have different functionalities. 

Amended Claim 1 does not modify any image source or object model as does Grimm. 
Amended Claim 1 recites an "object model document" comprising a compiled executable file 
having three distinct parts; an image source, a security source, and a loader. Grimm does not 
teach an executable file that includes an image source, a security source, and a loader as 
recited in amended Claim 1. 

Whereas Grimm teaches a single entity called a "modified software component" that 
includes an original software component with security operations coded into it, amended 
Claim 1 recites an object model document that is a compiled, executable file that contains (1) 
an image source, (2) a security source, and (3) a loader, all in a single executable entity. 
Applicant cannot find in Grimm a loader included in an executable entity along with an 
image source and a separate security source as recited in amended Claim 1 . Thus there are 
clear structural differences between the teachings of Grimm and the invention of Claim 1 . 

Applicant also notes that the invention of amended Claim 1 also includes the 
functionality of the loader. In amended Claim 1, the loader itself becomes instantiated in the 
memory of the computer along with the object model from the image source and the security 
agent in the memory from the security source. These instantiations are shown clearly in 
Figure 4, in memory 34, of the present specification and are expressed in amended Claim 1. 
Applicant respectfully submits that Grimm does not teach either the executable object model 
document containing the loader, the image source and the security source. Grimm also does 
not teach the instantiations in computer memory that include the loader, the object model, and 
the security agent upon execution of the object model document as recited in amended Claim 



1. 



The Office Action on page 4 states: 

"Grimm doesn't expressively mention that returning to the commander a first 
reference to the instantiated security agent." (Office Action, page 4). 



Applicant agrees. However, Applicant notes that Golan fails to teach the amended 

Claim 1 elements that are missing from Grimm. Specifically, Golan also fails to teach an 
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object model document comprising a compiled executable file having the elements of an 
image source, a security source, and a loader. Golan also fails to teach that the loader, upon a 
command from a commander to execute the executable file, instantiates the loader itself, the 
security agent from the security source, and the object model from the image source as 
recited in amended Claim 1 . 

Applicant notes that independent Claims 10 and 18 also recite the elements that are 
missing from the teachings of Grimm and Golan. Since the combination of Grimm and Golan 
does not teach or suggest all elements of independent Claims 1,10 and 18, then the 
combination of Grimm and Golan cannot render obvious these independent claims under 35 
U.S.C. § 103(a) per MPEP §2143.03. Accordingly, dependent Claims 2-9, 11-17, and 19-26, 
which rely on independent Claims 1,10, and 18 respectively are likewise rendered non- 
obvious. Thus, Claims 1-26 patentably define over the cited art. 

Claim Rejections Pursuant to 35 U.S.C. §103 

Claims 5, 13 and 22 stand rejected under 35 U.S.C. § 103(a) as unpatentable over U.S. 
Patent No. 6,317,868 to Grimm et al. (Grimm) in view of U.S. Patent No. 5,974,549 to 
Golan and in further view of US Publication No. 2003/0200459 to Seeman. Applicant 
respectfully traverses the rejection. 

Claims 5, 13, and 22 are dependent on independent Claims 1,10, and 18 respectively 
which are shown to be patentably distinct from Grimm and Golan as explained above. The 
addition of Seeman does not cure the deficiency of failing to teach all of the elements of the 
independent claims. According to MPEP §2143.03, Claims 5, 13, and 22 are also rendered 
non-obvious. Applicant respectfully requests withdrawal of the 35 U.S.C. § 103(a) rejection 
of Claims 5,13, and 22 because these claims patentably define over the cited art. 

Claim Rejections Pursuant to 35 U.S.C. §103 

Claims 6, 7, 14, 23, and 24 stand rejected under 35 U.S.C. § 103(a) as unpatentable 
over U.S. Patent No. 6,317,868 to Grimm et al. (Grimm) in view of U.S. Patent No. 
5,974,549 to Golan and in further view of US Patent No. 6,980,308 to Masaki. Applicant 
respectfully traverses the rejection. 
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Claims 6-7, 14, and 23-24 are dependent on independent Claims 1, 10, and 18 
respectively which are shown to be patentably distinct from Grimm and Golan as explained 
above. The addition of Masaki does not cure the deficiency of failing to teach all of the 
elements of the independent claims. According to MPEP §2143.03, Claims 6-7, 14, and 23- 
24 are also rendered non-obvious. Applicant respectfully requests withdrawal of the 35 
U.S.C. § 103(a) rejection of Claims 6-7, 14, and 23-24 because these claims patentably define 
over the cited art. 

Claim Rejections Pursuant to 35 U.S.C. §103 

Claims 8, 16, and 25 stand rejected under 35 U.S.C. § 103(a) as unpatentable over 
U.S. Patent No. 6,317,868 to Grimm et al. (Grimm) in view of U.S. Patent No. 5,974,549 to 
Golan and in further view of US Publication No. 2002/0138727 to Dutta et al. (Dutta). 
Applicant respectfully traverses the rejection. 

Claims 8, 16, and 25 are dependent on independent Claims 1,10, and 18 respectively 
which are shown to be patentably distinct from Grimm and Golan as explained above. The 
addition of Dutta does not cure the deficiency of failing to teach all of the elements of the 
independent claims. According to MPEP §2143.03, Claims 8, 16, and 25 are also rendered 
non-obvious. Applicant respectfully requests withdrawal of the 35 U.S.C. § 103(a) rejection 
of Claims 8, 16, and 25 because these claims patentably define over the cited art. 
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Conclusion 

In view of the above amendments and remarks, Applicant respectfully submits that 
the pending claims are not obviated by the cited art. Applicant respectfully requests 
reconsideration and withdrawal of the rejections. Applicant respectfully and earnestly solicits 
a Notice of Allowance for all pending claims. 
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